[Python-ideas] Should our default random number generator be secure?

Xavier Combelle xavier.combelle at gmail.com
Thu Sep 10 18:18:37 CEST 2015


My belief is that doing the safe thing by default is a major plus of
Python. So from this point of view, using a cryptographically secure PRNG for
random.random() should be done if possible.

That would not change much the way people create insecure software through
lack of knowledge (me first of all), but it could help a little.

> I see a third: rename random.random() to be something that gets the
> point across it is not crypto secure and then stop at that. I don't think
> the stdlib should get into the game of trying to provide a RNG that we
> claim is cryptographically secure as that will change suddenly when a
> weakness is discovered (this is one of the key reasons we chose not to
> consider adding requests to the stdlib, for instance).
>
>
This, in my opinion, would not be a good idea. Having a safe default is a
major plus of Python; it is not like not having a default because one thinks
it could eventually become insecure. And comparing a cryptographically
secure PRNG with OpenSSL for the expected security release time is not fair
because the complexity of the two pieces of software is clearly different.